07052024_0839_07052024_New PO (#1437) pdf[.]pdf[.]z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07052024_0839_07052024_New PO (#1437) pdf.pdf.z
Size

653KB
MD5

ba3d7dc97ec10be4343ed56d663b8ffc
SHA1

1616f15eb385a92bdd9bd57fc9d32b5dc6abf834
SHA256

66430e0dde9c38a7434de3ab084e816e1ebcbbd45dcd8af71f2356a9467e02f0
SHA512

90c7712ff847abb0f46d16dd1cce3792d204cadfc8372f0d58655cf22d793ac8faee242ae567e825426bd3c50b839bdf22627a5a099d95afca56800a53ea0246
SSDEEP

12288:jle8shp8+T/CYKMuDiYkrCVGajZmsD9fZ8vOBo2N54G5hdAPfEDJBt006EuTqnQ9:j03fKnD8CVZZf95B7N544iPfEDJBS06B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/New PO (#1437) pdf.exe

Files

07052024_0839_07052024_New PO (#1437) pdf.pdf.z
.rar

Password: infected
New PO (#1437) pdf.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 698KB - Virtual size: 697KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ